[Phpmyadmin-devel] Should a user be able to remove their own privileges?
Chirayu Chiripal
chirayu.chiripal at gmail.com
Wed Jul 16 23:59:06 CEST 2014
On Thu, Jul 17, 2014 at 3:21 AM, Hugues Peccatte <hugues.peccatte at gmail.com>
wrote:
>
> Le 16 juil. 2014 23:46, "Isaac Bennetch" <bennetch at gmail.com> a écrit :
>
> >
> > Bringing this to phpmyadmin--devel for further discussion. This is
> > specifically related to implementing feature request 1488 "User
> > privilege tab not shown in all relevant cases" [1]
> >
> > On 7/16/14, 4:00 PM, Chirayu Chiripal wrote:
> > > Does it makes sense, to allow a user to revoke some of the global
> > > privileges from himself?
> >
> > I think ideally, we would allow this but display a message warning that
> > it's a bad idea. Something like "You are attempting to remove privileges
> > from the user with which you are currently logged in. This is generally
> > a bad idea and might result in you being unable to log in or change
> > privileges. Are you sure you wish to remove these privileges?"
> >
> > I can't think of a scenario when a user would actually want to do this;
> > but just because it's a bad idea doesn't mean we should prevent the user
> > from doing it, right? Or in this case, is it reasonable to disallow this
> > action?
>
P.S.: Currently, it is allowed.
> >
> > What does everyone else think?
> >
> > 1 - https://sourceforge.net/p/phpmyadmin/feature-requests/1488/
>
> Hi,
>
> I agree with you that we should allow it, but also display a warning
> message.
>
> Hugues.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.phpmyadmin.net/pipermail/developers/attachments/20140717/805994c9/attachment.html>
More information about the Developers
mailing list